func setup() {

	var err error
	if err = configuration.Setup(""); err != nil {
		panic(fmt.Errorf("Failed to setup the configuration: %s", err.Error()))
	}

	oauth := &oauth2.Config{
		ClientID:     configuration.GetKeycloakClientID(),
		ClientSecret: configuration.GetKeycloakSecret(),
		Scopes:       []string{"user:email"},
		Endpoint: oauth2.Endpoint{
			AuthURL:  "http://sso.demo.almighty.io/auth/realms/demo/protocol/openid-connect/auth",
			TokenURL: "http://sso.demo.almighty.io/auth/realms/demo/protocol/openid-connect/token",
		},
	}

	privateKey, err := token.ParsePrivateKey([]byte(configuration.GetTokenPrivateKey()))
	if err != nil {
		panic(err)
	}

	tokenManager := token.NewManagerWithPrivateKey(privateKey)
	userRepository := account.NewUserRepository(nil)
	identityRepository := account.NewIdentityRepository(nil)
	loginService = &KeycloakOAuthProvider{
		config:       oauth,
		Identities:   identityRepository,
		Users:        userRepository,
		TokenManager: tokenManager,
	}
}
Exemple #2
0
func createManager(t *testing.T) token.Manager {
	privateKey, err := token.ParsePrivateKey([]byte(token.RSAPrivateKey))
	if err != nil {
		t.Fatal("Could not parse private key")
	}

	return token.NewManagerWithPrivateKey(privateKey)
}
func (s *CommentsSuite) securedControllers(identity account.Identity) (*goa.Service, *WorkitemController, *WorkItemCommentsController, *CommentsController) {
	priv, _ := almtoken.ParsePrivateKey([]byte(almtoken.RSAPrivateKey))
	svc := testsupport.ServiceAsUser("Comment-Service", almtoken.NewManagerWithPrivateKey(priv), identity)
	workitemCtrl := NewWorkitemController(svc, s.db)
	workitemCommentsCtrl := NewWorkItemCommentsController(svc, s.db)
	commentsCtrl := NewCommentsController(svc, s.db)
	return svc, workitemCtrl, workitemCommentsCtrl, commentsCtrl
}
// The SetupSuite method will run before the tests in the suite are run.
// It sets up a database connection for all the tests in this suite without polluting global space.
func (s *workItemLinkSuite) SetupSuite() {
	var err error

	if err = configuration.Setup(""); err != nil {
		panic(fmt.Errorf("Failed to setup the configuration: %s", err.Error()))
	}

	s.db, err = gorm.Open("postgres", configuration.GetPostgresConfigString())

	if err != nil {
		panic("Failed to connect database: " + err.Error())
	}

	// Make sure the database is populated with the correct types (e.g. bug etc.)
	if err := models.Transactional(DB, func(tx *gorm.DB) error {
		return migration.PopulateCommonTypes(context.Background(), tx, workitem.NewWorkItemTypeRepository(tx))
	}); err != nil {
		panic(err.Error())
	}

	require.Nil(s.T(), err)
	priv, err := almtoken.ParsePrivateKey([]byte(almtoken.RSAPrivateKey))
	require.Nil(s.T(), err)

	svc := goa.New("TestWorkItemLinkType-Service")
	require.NotNil(s.T(), svc)
	s.workItemLinkTypeCtrl = NewWorkItemLinkTypeController(svc, gormapplication.NewGormDB(DB))
	require.NotNil(s.T(), s.workItemLinkTypeCtrl)

	svc = goa.New("TestWorkItemLinkCategory-Service")
	require.NotNil(s.T(), svc)
	s.workItemLinkCategoryCtrl = NewWorkItemLinkCategoryController(svc, gormapplication.NewGormDB(DB))
	require.NotNil(s.T(), s.workItemLinkCategoryCtrl)

	svc = goa.New("TestWorkItemLink-Service")
	require.NotNil(s.T(), svc)
	s.workItemLinkCtrl = NewWorkItemLinkController(svc, gormapplication.NewGormDB(DB))
	require.NotNil(s.T(), s.workItemLinkCtrl)

	svc = goa.New("TestWorkItemRelationshipsLinks-Service")
	require.NotNil(s.T(), svc)
	s.workItemRelsLinksCtrl = NewWorkItemRelationshipsLinksController(svc, gormapplication.NewGormDB(DB))
	require.NotNil(s.T(), s.workItemRelsLinksCtrl)

	s.workItemSvc = testsupport.ServiceAsUser("TestWorkItem-Service", almtoken.NewManagerWithPrivateKey(priv), testsupport.TestIdentity)
	require.NotNil(s.T(), s.workItemSvc)
	s.workItemCtrl = NewWorkitemController(svc, gormapplication.NewGormDB(DB))
	require.NotNil(s.T(), s.workItemCtrl)
}
Exemple #5
0
func TestExtractWithInvalidToken(t *testing.T) {
	// This tests generates invalid Token
	// by setting expired date, empty UUID, not setting UUID
	// all above cases are invalid
	// hence manager.Extract should fail in all above cases
	manager := createManager(t)
	privateKey, err := token.ParsePrivateKey([]byte(token.RSAPrivateKey))

	tok := jwt.New(jwt.SigningMethodRS256)
	// add already expired time to "exp" claim"
	claims := jwt.MapClaims{"sub": "some_uuid", "exp": float64(time.Now().Unix() - 100)}
	tok.Claims = claims
	tokenStr, err := tok.SignedString(privateKey)
	if err != nil {
		panic(err)
	}
	idn, err := manager.Extract(tokenStr)
	if err == nil {
		t.Error("Expired token should not be parsed. Error must not be nil", idn, err)
	}

	// now set correct EXP but do not set uuid
	claims = jwt.MapClaims{"exp": float64(time.Now().AddDate(0, 0, 1).Unix())}
	tok.Claims = claims
	tokenStr, err = tok.SignedString(privateKey)
	if err != nil {
		panic(err)
	}
	idn, err = manager.Extract(tokenStr)
	if err == nil {
		t.Error("Invalid token should not be parsed. Error must not be nil", idn, err)
	}

	// now set UUID to empty String
	claims = jwt.MapClaims{"sub": ""}
	tok.Claims = claims
	tokenStr, err = tok.SignedString(privateKey)
	if err != nil {
		panic(err)
	}
	idn, err = manager.Extract(tokenStr)
	if err == nil {
		t.Error("Invalid token should not be parsed. Error must not be nil", idn, err)
	}
}
func TestMain(m *testing.M) {
	if _, c := os.LookupEnv(resource.Database); c != false {
		var err error
		if err = configuration.Setup(""); err != nil {
			panic(fmt.Errorf("Failed to setup the configuration: %s", err.Error()))
		}

		db, err = gorm.Open("postgres", configuration.GetPostgresConfigString())
		if err != nil {
			panic("Failed to connect database: " + err.Error())
		}
		defer db.Close()

		// Migrate the schema
		err = migration.Migrate(db.DB())
		if err != nil {
			panic(err.Error())
		}

	}

	oauth := &oauth2.Config{
		ClientID:     configuration.GetKeycloakClientID(),
		ClientSecret: configuration.GetKeycloakSecret(),
		Scopes:       []string{"user:email"},
		Endpoint: oauth2.Endpoint{
			AuthURL:  "http://sso.demo.almighty.io/auth/realms/demo/protocol/openid-connect/auth",
			TokenURL: "http://sso.demo.almighty.io/auth/realms/demo/protocol/openid-connect/token",
		},
	}

	privateKey, err := token.ParsePrivateKey([]byte(token.RSAPrivateKey))
	if err != nil {
		panic(err)
	}

	tokenManager := token.NewManagerWithPrivateKey(privateKey)
	userRepository := account.NewUserRepository(db)
	identityRepository := account.NewIdentityRepository(db)
	app := gormapplication.NewGormDB(db)
	loginService = NewKeycloakOAuthProvider(oauth, identityRepository, userRepository, tokenManager, app)

	os.Exit(m.Run())
}
func getServiceAsUser() *goa.Service {
	priv, _ := almtoken.ParsePrivateKey([]byte(almtoken.RSAPrivateKey))
	service := testsupport.ServiceAsUser("TestSearch-Service", almtoken.NewManagerWithPrivateKey(priv), testsupport.TestIdentity)
	return service
}
func (rest *TestSpaceIterationREST) SecuredController() (*goa.Service, *SpaceIterationsController) {
	priv, _ := almtoken.ParsePrivateKey([]byte(almtoken.RSAPrivateKey))

	svc := testsupport.ServiceAsUser("Iteration-Service", almtoken.NewManagerWithPrivateKey(priv), testsupport.TestIdentity)
	return svc, NewSpaceIterationsController(svc, rest.db)
}
Exemple #9
0
func newUserController(identity *account.Identity, user *account.User) *UserController {
	priv, _ := almtoken.ParsePrivateKey([]byte(almtoken.RSAPrivateKey))
	return NewUserController(goa.New("alm-test"), newGormTestBase(identity, user), almtoken.NewManagerWithPrivateKey(priv))
}
func (rest *TestCommentREST) SecuredController() (*goa.Service, *WorkItemCommentsController) {
	priv, _ := almtoken.ParsePrivateKey([]byte(almtoken.RSAPrivateKey))

	svc := testsupport.ServiceAsUser("WorkItemComment-Service", almtoken.NewManagerWithPrivateKey(priv), testsupport.TestIdentity)
	return svc, NewWorkItemCommentsController(svc, rest.db)
}